It's interesting to see critical thinking being applied to CryptDB in contrast to all the hoopla around it here. CryptDB is not a major theoretical breakthrough but potpourri of technologies to make it work. But then: I am curious whether there has been a formal security analysis done on CryptDB. All over the web it is just being praised without seemengly any thorough analysis.

On a side note: If there is none, I would like to take it up, but I am new to security analysis, so: Is there a good reference paper for carrying out security analysis on some crypto implementation?

2 Answers
2

A quick glance at their most recent paper shows some security analysis. Secton 2 talks about some different threats, what guarantees they can provide, etc. Section 8.3 also evaluates the security of the system. This may or may not be what you are looking for, you'd have to decide for your self.

You should include a summary of the article (in case the link breaks)
–
ponchoFeb 13 at 18:57

1

The article looks interesting, but I think your answer is strongly lacking structure and information. Why is there a list in it? Are these positive points or negatives? What's the "word from an IT developer" supposed to mean? You may well have an answer here, but please try and place yourself in our position when reading it over.
–
Maarten BodewesFeb 15 at 14:48